And for better understanding, I generated almost the same certificate in both
C509 and X509, here the text representation of them:
(Native) C509:
0: 02 # [0]. certificate type=2: native C509
1: 42 # [1]. serial number=byte[2]
2: 1234
4: 00 # [2]. signature alg=0: ECDSA-SHA256
5: F6 # [3]. issuer=<null>
6: 1A 6775D700 # [4]. notBefore=1735776000: 2025-01-02T00:00:00Z
11: 1A 69570A80 # [5]. notAfter=1767312000: 2026-01-02T00:00:00Z
16: 84 # [6]. subject=array[4], 2 attributes
# attribute[0]
17: 01 # type=1: commonName
18: 68 # value=char[8]
19: 6D61696C6C697374 # "maillist"
# attribute[1]
27: 04 # type=4: country
28: 62 # value=char[2]
29: 4445 # "DE"
31: 01 # [3]. subjectPublicKeyAlg=1: EC public key with
# curve secp256R1
32: 58 41 # [8]. subject public key=byte[65]
34: 04F413596A87125995B4E0D8B7BEFBC4D6EDB11F61AF08AB
58: 32408D4FF9F9078DDBAB3635AFD496D5656A22EFDC3D59C4
82: 482A99836BB358FBF4CA78D3930436C857
99: 86 # [9]. extensions=array[6]
# extension[0]
100: 02 # type=2: KeyUsage
101: 01 # value=1: [digitalSignature]
# extension[1]
102: 23 # type=-4: BasicConstraints, critical
103: 21 # value=-2: CA: false
# extension[2]
104: 08 # type=8: ExtendedKeyUsage
105: 01 # 1: serverAuth
106: 58 40 # [10]. signature value=byte[64]
108: 8A25E8AABBA4B19B8E0D1596A476C2C42F5068F5F3457606
132: 806E2F284A22E6E76AD9BFA696BF9D8E27E6FD77D424C03B
156: 3C361A6843AA0601AD813CC6E947ADBF
172:
X509
0:d=0 hl=4 l= 355 cons: SEQUENCE
4:d=1 hl=4 l= 264 cons: SEQUENCE
8:d=2 hl=2 l= 3 cons: cont [ 0 ]
10:d=3 hl=2 l= 1 prim: INTEGER :02
13:d=2 hl=2 l= 2 prim: INTEGER :1234
17:d=2 hl=2 l= 10 cons: SEQUENCE
19:d=3 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA256
29:d=2 hl=2 l= 32 cons: SEQUENCE
31:d=3 hl=2 l= 17 cons: SET
33:d=4 hl=2 l= 15 cons: SEQUENCE
35:d=5 hl=2 l= 3 prim: OBJECT :commonName
40:d=5 hl=2 l= 8 prim: UTF8STRING :maillist
50:d=3 hl=2 l= 11 cons: SET
52:d=4 hl=2 l= 9 cons: SEQUENCE
54:d=5 hl=2 l= 3 prim: OBJECT :countryName
59:d=5 hl=2 l= 2 prim: UTF8STRING :DE
63:d=2 hl=2 l= 30 cons: SEQUENCE
65:d=3 hl=2 l= 13 prim: UTCTIME :250102000000Z
80:d=3 hl=2 l= 13 prim: UTCTIME :260102000000Z
95:d=2 hl=2 l= 32 cons: SEQUENCE
97:d=3 hl=2 l= 17 cons: SET
99:d=4 hl=2 l= 15 cons: SEQUENCE
101:d=5 hl=2 l= 3 prim: OBJECT :commonName
106:d=5 hl=2 l= 8 prim: UTF8STRING :maillist
116:d=3 hl=2 l= 11 cons: SET
118:d=4 hl=2 l= 9 cons: SEQUENCE
120:d=5 hl=2 l= 3 prim: OBJECT :countryName
125:d=5 hl=2 l= 2 prim: UTF8STRING :DE
129:d=2 hl=2 l= 89 cons: SEQUENCE
131:d=3 hl=2 l= 19 cons: SEQUENCE
133:d=4 hl=2 l= 7 prim: OBJECT :id-ecPublicKey
142:d=4 hl=2 l= 8 prim: OBJECT :prime256v1
152:d=3 hl=2 l= 66 prim: BIT STRING
0000 - 00 04 f4 13 59 6a 87 12-59 95 b4 e0 d8 b7 be fb ....Yj..Y.......
0010 - c4 d6 ed b1 1f 61 af 08-ab 32 40 8d 4f f9 f9 07 [email protected]...
0020 - 8d db ab 36 35 af d4 96-d5 65 6a 22 ef dc 3d 59 ...65....ej"..=Y
0030 - c4 48 2a 99 83 6b b3 58-fb f4 ca 78 d3 93 04 36 .H*..k.X...x...6
0040 - c8 57 .W
220:d=2 hl=2 l= 50 cons: cont [ 3 ]
222:d=3 hl=2 l= 48 cons: SEQUENCE
224:d=4 hl=2 l= 11 cons: SEQUENCE
226:d=5 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage
231:d=5 hl=2 l= 4 prim: OCTET STRING
0000 - 03 02 07 80 ....
237:d=4 hl=2 l= 12 cons: SEQUENCE
239:d=5 hl=2 l= 3 prim: OBJECT :X509v3 Basic Constraints
244:d=5 hl=2 l= 1 prim: BOOLEAN :255
247:d=5 hl=2 l= 2 prim: OCTET STRING
0000 - 30 00 0.
251:d=4 hl=2 l= 19 cons: SEQUENCE
253:d=5 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage
258:d=5 hl=2 l= 12 prim: OCTET STRING
0000 - 30 0a 06 08 2b 06 01 05-05 07 03 01 0...+.......
272:d=1 hl=2 l= 10 cons: SEQUENCE
274:d=2 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA256
284:d=1 hl=2 l= 73 prim: BIT STRING
0000 - 00 30 46 02 21 00 8a 25-e8 aa bb a4 b1 9b 8e 0d .0F.!..%........
0010 - 15 96 a4 76 c2 c4 2f 50-68 f5 f3 45 76 06 80 6e ...v../Ph..Ev..n
0020 - 2f 28 4a 22 e6 e7 02 21-00 c3 8c 9e d0 74 00 2a /(J"...!.....t.*
0030 - 75 f9 fb 61 cb 22 fa b5-de 99 5f bb 25 f9 d1 b0 u..a."...._.%...
0040 - 08 71 a3 30 c8 3a e1 57-da .q.0.:.W.
> On 9. Oct 2025, at 11:59, Lijun Liao <[email protected]> wrote:
>
> Update:
>
> C509 vs X509 is much more than CBOR vs ASN.1 DER, here some key optimisation
> points:
>
> 1. Use int instead of AlgorithmIdentifier to identify the signature
> algorithms, key algorithms
> 2. Use int instead of OBJECT IDENTIFIER to identify RDN (a names consisting
> of multiple RDNs), extensions, Extended Key Usage, Policy Identifiers, ….
> 3. Use text (or SpecialText for technically correct) instead of complex ASN.1
> SET for RDN value.
> 4. Use better machine-readable int instead of text for the timestamp (e.g. in
> NOT BEFORE, NOT AFTER).
>
>
>> On 9. Oct 2025, at 11:48, Lijun Liao <[email protected]> wrote:
>>
>> In the PQC era, the main advantage of C509 (CBOR) is the simple encoding
>> (CBOR vs ASN.1 DER).
>>
>> Please do not ignore this difference. Due to the complexity of X.509, the
>> (latest) mbed-tls is only able to parse a very limited subset of the
>> extensions.
>>
>> Regards, Lijun
>>
>>
>>> On 9. Oct 2025, at 11:41, Blumenthal, Uri - 0553 - MITLL <[email protected]
>>> <mailto:[email protected]>> wrote:
>>>
>>> Trying to understand: with the inevitable move to PQ algorithms and
>>> certificates, the bulk of the certificate “volume” will be occupied by the
>>> public key and signature - the metadata size will “drown in the noise”.
>>>
>>> In that case, what are the benefits of CBOR?
>>> Or is the assumption that ECC crypto with its small key and signature sizes
>>> will be there for the foreseeable future?
>>> —
>>> Regards,
>>> Uri
>>>
>>> Secure Resilient Systems and Technologies
>>> MIT Lincoln Laboratory
>>>
>>>> On Oct 9, 2025, at 04:46, Lijun Liao <[email protected]
>>>> <mailto:[email protected]>> wrote:
>>>>
>>>>
>>>> This Message Is From an External Sender
>>>> This message came from outside the Laboratory.
>>>> 1. There are not standard-conform X509 certificates, but such certificates
>>>> are usually not allowed in the public areas (e.g. CA/Browser Forum). If
>>>> exists, only ignorable percent.
>>>> 2. For the not standard-conform fields issuer, subject, and extensions,
>>>> the CBOR-compressed version uses the DER-encoded bytes so that it can
>>>> still be converted back.
>>>>
>>>>> On 8. Oct 2025, at 23:19, Phillip Hallam-Baker <[email protected]>
>>>>> wrote:
>>>>>
>>>>> It is a feature that is going to impose a very high burden on developers,
>>>>> is unlikely to work because of issues that are outside their control
>>>>> (i.e. X.509v3 certs not necessarily using correct DER) and is going to
>>>>> prevent the wider effort taking advantage of the opportunity to break
>>>>> backwards compatibility and jettison some of the X.500 legacy.
>>>>
>>>> _______________________________________________
>>>> COSE mailing list -- [email protected] <mailto:[email protected]>
>>>> To unsubscribe send an email to [email protected]
>>>> <mailto:[email protected]>
_______________________________________________
COSE mailing list -- [email protected]
To unsubscribe send an email to [email protected]
